Your basket is empty.

Total £0.00
Leavers Books Basket

Our Privacy Policy

Here at School Products your privacy is our priority, especially as we deal with the personal data of children.

Please find below our Privacy Policy, we’ve tried to make it as easy to read as possible and not hide behind long words or clauses. If you do have any questions or require any more information you can email us at [email protected] and we’ll be more than happy to help!

The formal bits:

Company: Bonacia Ltd

Brand: School Products

Company Number: 05368980

Data Protection Officer: We engage an external team to look after and advise us on our Data Compliance, they are Xynics Data Solutions Ltd and can be contacted at [email protected], on 0330 3800628, or by writing to them via our address below;

Address: Remus house, Coltsfoot Drive, Woodston, Peterborough, PE2 9BF

Data Protection registration number: ZA230462

We’ve tried to make how we process your data as simple as possible to understand. Use the handy table below to check out when, what, why and how we process your personal data, but first;

School Products will not share or transfer your data to any third parties, however to manage our emails, we may save your email address and name on a system called Ontraport (who are subscribed to the EU-US Privacy Shield framework which ensures they follow EU laws in their processing and security) and we will send any orders through Royal Mail or Parcel Force who have their own comprehensive GDPR policies.

When… What? Why? How and how long? (Lawful basis and retention)
You place an order with us Name, email address, contact number, school name and school address So we can send you your order

We’ll keep this data for 2 years. This allows you or parents to order more copies if needed

We send you a proof via email or post Name, email address, contact number, school name and school address and also the names and photographs of children you add to these products So we can send you your proof Contractual

We’ll keep this data for 2 years and hopefully you will request another sample the next academic year

You create a Personalised product with us. This could be online, by email or using a USB Name, email address, contact number, school name and school address and also the names and photographs of children you add to these products To help you create the most amazing personalised product Contractual

We will keep this information for 2 years. If you supply this by USB we will transfer the information on to our secure servers and delete it from the USB as soon as we receive it

When you sign up to our newsletter Your name and email address To send you’re your monthly newsletter Consent-based

We will keep this info for 12 months. We will then ask you if you would like to resubscribe for a further 12 months

When you contact us via email, live chat or contact us form Your name and email address To respond to your enquiry Legitimate Interest (if you are sending us an email it is in our interests as a business to respond to your query)
We only keep this information for 3 months and then it is deleted
You win a social media giveaway Your name and address To send you your prize Contractual

We only keep this info for 1 month, we may for some reason need to resend the item out

When we take payments from you online or by post;

Bonacia Ltd do not store any payment information ourselves, other than an indicator of the success or failure of a payment, however we do us PayPal to process our payments by credit card, debit card or PayPal. When you (or we on your behalf if by post or telephone) process a payment, this information is submitted to that provider and they may retain that information for their own purposes. You can review their privacy policy here.

International Data Transfers

Bonacia Ltd utilise the Amazon Cloud services to store and process data. Inc. subscribe to something called the EU-US Privacy Shield Framework, which means they have committed to processing information in accordance with EU law, and thus abide by the GDPR. You can view their current registration on this scheme here.
Don’t worry, your information is safe, our services are in a private cloud and are encrypted, so nobody but us (not even Amazon themselves) can access or view the information we store.

Your rights over your information

By law, you can ask us to:

  • provide you with a copy of or access to all information we hold about you,
  • correct it if it is inaccurate
  • Erase it.

You can also ask us to stop using your information, in part or in full – the simplest way to do this is to withdraw your consent, which you can do at any time, either by clicking the unsubscribe link at the end of any of our emails, or by emailing, writing or telephoning us using the contact details above.

If our lawful reason for processing your information is not consent and you would like us to stop using it you can submit a request by email, post or telephone. Please use the contact information provided above.

You can also ask us to give you a copy of the information and to stop using your information for a period of time if you believe we are not doing so lawfully.

Your right to complain

If you have a complaint about our use of your information, you can contact the Information Commissioner’s Office via their website at or write to them at:
Information Commissioner’s Office
Wycliffe House
Water Lane

For those of you who would like more information on how we look after and protect your data please see the FAQs below.

How/where is my data stored?

All personal data is held within Bonacia’s secure network which uses ‘per user’ based access control, or on our secure Amazon server (as detailed in the above International Data Transfer Section).

Each brand within Bonacia has its own dedicated folder structure, which ensures that only those Bonacia employees that need to see any personal information can.

Do you use the illusive ‘Cloud’ to store data or backups, if so how do you keep it safe?

We use Netgear for this, they are a very reputable company and know what they are doing. All data is encrypted using 128 bit SSL secure connection for transmission and 256 bit AES encryption for the physical data.

All data also hides behind firewalls and are password protected.

Are your premises secure?

Of course! We have a motion sensor alarm system, window locks and films, a strict visitor policy, CCTV and a clean desk policy to make sure your data is safe. We also have access control so only employees can get in.

Are your staff responsible and reliable, and will they look after my data?

Firstly we only employ responsible people; we get full references and all members of staff have completed a DBS check so we know who we’re working with.

We also train our staff in data protection and have policies and procedures in place to make sure your personal data stays safe.

How is paper with personal data on safely and securely disposed of?

We have secure shredding bins in the office, these are locked and secure at all times. They are picked up monthly and shredded off site. Don’t panic though the vans are well protected with CCTV and we get a pick up note and confirmation when all our waste has been securely destroyed.

So there you have an overview of how we protect your data. You can now relax and know your data is in safe hands. If you would like any further information on how we look after your data please contact us and we’ll be more than happy to help.